<?php 
require_once 'header.php';
require "backend/Customer.php";

?>
	
	<div id = "pagecontent">
	<h1>Checkout</h1>
	<fieldset>
	
	<?php 
			
			
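	// Checkout view. For a logged-in customer it lists the cart with prices read
	// from the item table; when a payment method is POSTed it records the order,
	// the payment row and one orderitem row per cart entry, then redirects to
	// orderFinished.php. $cart and $DTB are not defined in this file; presumably
	// header.php provides them.
	if(isset($_SESSION['customer']))
	{
		// NOTE(review): unserialize() rebuilds whatever object the string describes.
		// That is only safe while $_SESSION['customer'] is written exclusively by
		// server-side code; request data must never be stored under this key.
		$cust = unserialize($_SESSION['customer']);
		$removed = 0;
		$totalPrice = 0;
		$items = $cart->returnCart();
		$index = $cart->returnIndex();
		$amounts = $cart->returnCartAmounts();
		if($index > 0)
		{
		echo "<p>The items in your cart are: </p>";

			// NOTE(review): every query on this page is assembled as a string. Values
			// are escaped below because only $DTB->query() is visible here; switch to
			// bound parameters if the database wrapper supports them.
			for($i=0; $i<$index; $i++)
			{
				// Cart entries are escaped before they reach the SQL text.
				$itemKey = mysql_real_escape_string($items[$i]);
				$query = "SELECT * FROM item WHERE no = '$itemKey'";
				$result = $DTB->query($query);
				$name = mysql_result($result,0,'name');
				$itemPrice = mysql_result($result,0,'price');
				$allPrice = $itemPrice * $amounts[$i];
				$totalPrice += $allPrice;
				// Item name and quantity are HTML-escaped; the line total is numeric.
				echo htmlspecialchars($name, ENT_QUOTES) . " X " . htmlspecialchars($amounts[$i], ENT_QUOTES) . ' .....$' . $allPrice . " ";
				echo "<br>";

			}
			echo '<b><br>Total:</b> $' . $totalPrice;

			if(isset($_POST['Payment']))
			{
				$type = $_POST['Payment'];
				// Accept only the values the form below offers; anything else (including
				// an array-valued parameter) is refused before it can reach a query.
				$allowedTypes = array('VISA', 'MASTERCARD', 'DEBIT', 'CASH');
				if(!in_array($type, $allowedTypes, true))
				{
					echo "<font size=3 color=red><b>Invalid payment method selected.</b><p/></font><br/>";
				}
				else
				{
					// Server-generated timestamp, e.g. "March 10, 2001, 5:16:18 pm" (one-second resolution).
					$orderDate = date("F j, Y, g:i:s a");
					$custEmail = mysql_real_escape_string($cust->email);

					//****FIRST CREATE ORDER*****
					$query = "INSERT INTO orders(" . " email," . " order_date)" . " VALUES('" . $custEmail . "', '" .$orderDate . "')";
					$result =  $DTB->query($query);

					//***Then query for unique auto incremented order number.
					// The timestamp alone is not unique: two customers ordering in the same
					// second would share it, so the lookup is narrowed to this customer's
					// newest matching order.
					$query = "SELECT order_no FROM orders WHERE order_date = '$orderDate' AND email = '$custEmail' ORDER BY order_no DESC LIMIT 1";
					$result =  $DTB->query($query);
					$ordernum = mysql_result($result, 0, 'order_no');


					//****add payment information to the table using unique auto incremented number from above
					$query = "INSERT INTO payment(" .
					 " email," .
					 " order_no," .
					 " payment_date," .
					 " type," .
					 " amount)" .
					 " VALUES('" .
					 $custEmail . "', '" .
					 $ordernum . "', '" .
					 $orderDate . "', '" .
					 $type . "', '" .
					 $totalPrice .
					 "')";

					 $result =  $DTB->query($query);
					//**then add all ordered food to the Order ITems table using the unique number.
					for($i=0; $i<$index; $i++)
					{
						// Prices are re-read from the item table rather than trusted from the cart.
						$itemKey = mysql_real_escape_string($items[$i]);
						$query = "SELECT * FROM item WHERE no = '$itemKey'";
						$result = $DTB->query($query);
						$itemno = mysql_result($result,0,'no');
						$itemPrice = mysql_result($result,0,'price');
						$allPrice = $itemPrice * $amounts[$i];
						$query = "INSERT INTO orderitem(" .
						 " order_no," .
						 " item_no," .
						 " quantity," .
						 " price)" .
						 " VALUES('" .
						 $ordernum . "', '" .
						 mysql_real_escape_string($itemno) . "', '" .
						 mysql_real_escape_string($amounts[$i]) . "', '" .
						 $allPrice .
						 "')";

						 $result =  $DTB->query($query);
					}
					echo "<script language='JavaScript'>window.location.href='orderFinished.php'</script>";
				}
			}

			// NOTE(review): the form below carries no anti-CSRF token, so the POST
			// handler above cannot tell a genuine submission from a cross-site one.
			// Add a per-session token to the form and verify it before the inserts.
		?>	
		<form action="payment.php" method="post">
		
		<br>
		<p>Please select method of payment:</p>
		<div id = "Visa">
			Visa : 
			<input  name="Payment" type="radio" value = "VISA">
		</div>
		<div id = "MasterCard">
			MasterCard : 
			<input  name="Payment" type="radio" value = "MASTERCARD">
		</div>
		<div id = "DebitCard">
			Debit Card : 
			<input  name="Payment" type="radio" value = "DEBIT">
		</div>
		<div id = "Cash">
			Cash : 
			<input  name="Payment" type= "radio" value = "CASH">
		</div>
		
		<p>Also ensure name, phone and Address information is correct before ordering:</p>
		<?php 
			
			
			$name = $cust->getName();
			$phone = $cust->getPhone();
			$email = $cust->getUsername();
			$address = $cust->getAddress();
			
			// Customer-supplied profile fields are HTML-escaped at the point of output.
			echo "Name: " . htmlspecialchars($name, ENT_QUOTES) . "<br>";
			echo "Phone: " . htmlspecialchars($phone, ENT_QUOTES) . "<br>";
			echo "Email: " . htmlspecialchars($email, ENT_QUOTES) . "<br>";
			echo "Address: " . htmlspecialchars($address, ENT_QUOTES) . "<br>";
			
		
		?>
		
		<p><input type="submit" value="Order" /></p>
		</fieldset>
	</form>
	<?php }
	else
	 {
			echo "<font size=3 color=red><b>No items in your cart at this time for ordering.</b><p/></font><br/>";
	}
	
	}
	else {
		echo "<font size=3 color=red><b>You are not logged in. To log in <a href='Login.php'>Click Here.</a>  Or <a href='Register.php'>Register</a> here.</b><p/></font><br/>";
	}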
	
	?>
	
	</div>
<?php
	
require_once 'footer.php';?>